Recently I have thought more and more about how to make my Internet traffic anonymous. Not for illegal reasons, but just to stop leaving information about me. The methods I know of to anonymize my browsing are services like proxies and VPNs.

I have thought about going the VPN way with services like CyberGhost VPN or vpntunnel.se. As far as I know the problem with proxies is that only http and https traffic will be hidden, but as soon as I use another program than my browser the traffic is not anonymous.

I thought about installing VirtualBox on my Windows 7 system, then running an Ubuntu Linux VM. I would then install the VPN client on the VM. Does that make sense? I am primarily concerned about the risk of virus infection on Windows.

The service vpntunnel.se advertises that it doesn’t store any user data besides the username and email address, but since they are in the EU I don’t know if they actually have to store anything extra because of the data retention laws.

Does anyone have more experience about this? Any ideas on how to make this scenario even more secure?

You're asking multiple questions at once here: How best to anonymize traffic? Should I sandbox my browser in a VM? Can VPN providers provide anonimity? How can I make VPN browsing more secure? StackExchange works best with one question at a time, so you might want to consider simplifying. (And maybe opening more questions as needed.)
–
Graham HillApr 3 '12 at 8:31

4

Of course, as D.W. points out, the answer to all these questions is the same: "Hello, I'm The Doctor. Basically, Tor." :-)
–
Graham HillApr 3 '12 at 13:17

Instead of Tor you can use I2P, which does not suffer this vulnerability because it uses a predefined exit node (or the one you manually choose), and the exit nodes are usually well-maintained servers, so they're way less likely to be malicious or compromised.

VPN is easily tracked down by traffic analysis - tracking packet sizes, network lag and timings, etc. Tor is more resilient to that, and I2P is supposed to be even more resilient but it was not yet investigated as thoroughly as Tor was. Cryptohippie VPN also takes traffic analysis into account and adds additional layers of protection against it.

However, obscuring traffic origin is just a part of the problem.

A web browser is ridiculously easy to track using browser fingerprints, even you've disabled cookies, JavaScript, and everything else you can disable. Panopticlick explains what browser fingerprints are and demonstrates just how easy is, and it's not nearly complete - BrowserSpy.dk lists much more ways of tracking.

VPNs and anonymity networks do not (and usually can not) do anything about your browser fingerprint. You can reduce tracking, but not defeat tracking.

Here's one simple scenario to consider. Every time you browse the web without an anonymity network, the browser fingerprint is sent out there from your real IP. The fingerprint-IP pair can be recorded. If you browse the web with an anonymity network later, your browser fingerprint stays the same - others can still recognize you. Moreover, they may have your real IP address recorded. You're no longer anonymous.

It's enough to go online without an anonymity network just once to blow your cover, both in the past and future, forever (until you significantly change your software setup).

So remember you're being tracked, and NEVER EVER use the same web browser with and without an anonymity network.

In fact, this is not limited to web browsers. Other applications may have a fingerprint too (e.g. BitTorrent clients do), but they are not researched as thoroughly as web browsers were. If you're going to use an application via an anonymity network, be cautious about its setup and make sure it goes into the anonymity network right away, without contacting with the "non-anonymous" Internet even once. Otherwise your attempts at anonymity are in vain.

To avoid disclosing your IP by fingerprinting and not bother remembering which app should be anonymous and which should not (while every mistake is grave), I recommend running anonymity-oriented Linux distros, like Tails or Liberté. This way you'll be sure which programs are anonymous and which are not, and they won't be able to leak their fingerprints into the "non-anonymous" Internet because these distros explicitly prohibit any non-anonymous communications. It's possible to run them in a VM, but better do on a dedicated machine to avoid hardware-based fingerpriting and use better random number generators.

Finally, tracking may be not application- or instance-specific; user accounts on websites uniquely identify you (duh). If you want to stay anonymous, you have to access your user accounts via an anonymity network either always or never. The easiest way to do this is to establish a different identity for anonymous browsing.

Control your data online

Remember, you are tracked. You can reduce tracking, but not defeat tracking. And you leave a lot of info about yourself as you browse, from what your interests are to what places you visit to where you live. For example, search engine history tells a lot about you and sometimes can uniquely identify you. Some other websites collect A LOT of info about you or force you to disclose it, and what's worse, they often disclose it to third parties.

Social networks are evil. You can either not use them altogether or own your data by using Diaspora.

Online map services are not necessarily evil, but they get important info about you. I'm not aware of any anonymous map services, but of course I recommend avoiding Google Maps. Perhaps OpenStreetMap tracks less or doesn't track, but I haven't checked.

Same goes for email, IM, etc. Communicate via SSL'd and non-logged email and IM or use end-to-end encryption via a web of trust.

Finally, try to reduce tracking. Use a browser that supports DoNotTrack HTTP header and enable DoNotTrack headers in settings. Use some tracking-blocker browser extension. Use Mozilla Collusion to analyze and disable tracking. Use DNSCrypt if you don't want your ISP to know which websites you visit, or at least don't forget to check for DNS leaks if you're trying to use a custom DNS server without encryption. Remember you're being tracked at all times, no matter what you do to get rid of it. Read privacy policies. Be paranoid.

OK, if you want to anonymize then use the TOR network, but you'd have to make sure you aren't signed into anything, you've cleared your cookies beforehand, and you don't sign into anything while on the TOR network... that's how you allow yourself to stay anonymous.

If you use a VPN it will mainly help by just taking any of your accounts and data and "you" as a computer user somewhere else on the planet. But it doesn't keep moving like the TOR network does.

If you use either method, ALL traffic from your network card is routed fhs TOR or the VPN.. not just the browser.

I like to run an instance of Microsoft Windows Server 2003 or 2008 on Amazon AWS. You can remote desktop into an running instance and surf the web anonymously. Your IP address will change every-time you start your instance.

Ok, there is a downside to VPNs. For example, the VPN Service HideMyAss is alleged to have provided log information to law enforcement.

The justification HideMyAss gave was:

As stated in our terms of service and privacy policy our service is not to be used for illegal activity, and as a legitimate company we will cooperate with law enforcement if we receive a court order (equivalent of a subpoena in the US).

So a VPN will work for most legal use, but might not stand up against an investigation by the authorities. It is not just "talking about vpns" that might lead authorities to know who you rent a VPN from, but also paper trails such as payments to the company.